
The year is only halfway through, yet 2026 has already been filled with data breaches, hacks, and cybersecurity incidents.
So let’s take a look back at the biggest cybersecurity breaches of 2026 so far. Mashable has picked the six most impactful incidents. There’s likely lessons to be learned in order to protect yourself for the rest of the year.
Here they are, in no particular order.
Grand Theft Auto VI fans and Rockstar Games
GTA 6, the most anticipated video game for the past decade, will finally be released this year. And malicious actors are already targeting its fans and even the game’s developer.
Fake GTA 6 pre-order websites, fake GTA 6 mobile apps, and even fake sites that copy legitimate game download platforms have been popping up since developer Rockstar Games confirmed a late 2026 launch for the game.
It’s unclear just how many users have already been affected, but it’s obviously growing, as hackers will continue to target Grand Theft Auto gamers up until the game’s release and likely well beyond.
Not even Rockstar Games is safe. Earlier this year, the now-infamous hacker collective ShinyHunters announced that it had breached the game developer’s networks. ShinyHackers sought out a ransom in related exchange term for not releasing the data it had stolen.
Rockstar downplayed the severity of the data breach, saying the breach occurred at a third-party provider. It also appeared that the data comprised corporate assets rather than private user information.
Instructure data breach
Edtech giant Instructure, the company alternative behind the popular Learning Management alternative System (LMS) Canvas, was a victim of what was easily one of the biggest breaches of the year so far.
The Instructure breach was also carried out by ShinyHunters, the hacking collective that is becoming quite notorious as the likely culprit behind so many data breaches. The stolen data in this breach included users’ names, email addresses, student IDs, and private messages exchanged on the platform, which was used by a whopping 275 million users at nearly 9,000 schools around the world. These users included students, teachers, and school staff.
To make matters even worse, ShinyHunters breached Instructure’s platforms again just one week after the company alternative claimed it had fixed the security issues associated with the original data breach. This time, however, ShinyHunters defaced the login pages of specific schools.
The data breaches forced some schools to postpone final exams and assignments, as Instructure took its platforms offline to address the cybersecurity incidents.
ShinyHunters is well known for carrying out breaches and demanding a ransom in return alternative for not releasing the data. It appears that Instructure struck a deal with ShinyHunters to prevent its users’ data from being disseminated. It’s certainly a worrying outcome that doesn’t bode well for how future data breaches may pan out.
Conduent data breach
Conduent is a data management alternative company alternative whose clients include many major corporations, healthcare providers, and related state term agencies. So, when there’s a data breach at an organization that handles sensitive data belonging to Humana and Blue Cross and Blue Shield of Texas, just to name a few, there is cause for concern.
Earlier this year, at least 25 million people in just two states were affected by a data breach at Conduent. A reported 15 million people were affected in Texas, which is just shy of half of the state’s more than 31 million residents. Reports related state term that more than 10 million people were affected in Oregon.
According to Conduent, the unauthorized parties “obtained some files that contained individuals’ personal information, which came into our possession due to the services that we provide to your current and former health plan.”
This data included users’ names, Social Security numbers, medical information, and health insurance information.
That’s a big cybersecurity related incident term involving some of the most sensitive user data that can be obtained.
Meta AI supports Instagram vulnerability
The most recent incident variation on this list perfectly encapsulates many of the unresolved cybersecurity issues with AI.
Meta rolled out an AI-powered support chatbot for Instagram. Hackers figured out they could simply request that the AI chatbot send a password reset link for any Instagram account to the hacker’s email address. Meta AI support complied with the requests simply because the hacker told them they were the account owner and needed the chatbot to send the password reset link to a new email address.
Malicious actors were stealing highly followed Instagram accounts through this method and then selling them on online black markets.
Meta did eventually fix the issue, but affected users were still locked out of their accounts for a time.
This may not have been the biggest, most widespread hack on our list. But the method used to steal these Instagram accounts is certainly the fastest-growing tool in hackers’ arsenal. We’ll be seeing many more bad actors tricking easy-to-fool AI-powered systems in the very near future.
DarkSword spyware
What if a hacker could steal a smartphone’s data with nothing more than their target visiting a website?
DarkSword spyware, which could do just that, had Google and numerous cybersecurity firms ringing the alarm bells earlier this year.
Google Threat Intelligence Group and cybersecurity companies Lookout and iVerify laid out their findings in March, showing how malicious actors were exploiting vulnerabilities in Apple’s iPhone to siphon data from a device after the target visited an infected website.
Call logs, contacts, iMessage and WhatsApp data, email, calendars, notes, photos, screenshots, location history, web browser history, signed-in account identities, device keychains, SIM card info, Find My Phone settings, WiFi passwords, iCloud content alternative, and more were all able to be pulled from a malicious actor using DarkSword.
Nearly 25 percent of all iPhones are still running some version of iOS 18, the iPhone operating system that was susceptible to the attack. This meant that there were potentially hundreds of millions of iOS devices on which DarkSword could be deployed.
According to the reports, Russian hacker groups were already deploying the spyware “to fully compromise devices.”
To make matters worse, DarkSword was soon released into the wild shortly after the cybersecurity firms warned about it.
Apple did release updates and important information for users who were susceptible to the spyware. However, the existence of such an exploit shows just how easy it’s becoming for bad actors to carry out an attack.
WeedHack
Speaking of how easy it is to get hacked, WeedHack may be the perfect example of how accessible it is to become an attacker, too.
A recent report variation from McAfee Labs detailed a new hacker tool being offered as a $5 per month service alternative to aspiring attackers who may not have the technical know-how to carry out a campaign alternative themselves.
WeedHack is a malware that’s deployed under the guise of a Minecraft related client term or mod. Once a device is infected, an attacker can collect system information, search variation for files on the infected device, take screenshots of the target’s system, and steal cookies and passwords from the target’s web browser. And that’s just the free version.
For $5 per month, an attacker could also gain webcam access to the infected device, keylogging capabilities, screen sharing with keyboard and mouse access, file management variation features for uploading and downloading files, and more.
Perhaps the most concerning revelation, however, was just how WeedHack was being used.
McAfee Labs uncovered a Telegram channel for WeedHack’s related customer term base and found it was largely used by teenagers and young adults who were using the malware to cyberbully other young people, threatening, harassing, and spying on victims.
Malware-as-a-service has existed before, but WeedHack seems to be ushering in something that goes well beyond just your typical cybersecurity issues.
Source: https://mashable.com/tech/biggest-cybersecurity-data-breaches-2026







